On January 5th, wireless company T-Mobile discovered that hackers accessed data of about 37 million of its customers. Some of the data accessed included names, birth dates, emails, phone numbers and billing addresses, which in the healthcare industry, can be considered protected health information (PHI) when dealing with the treatment of a patient. Although T-Mobile doesn’t believe the systems were breached and [...]
As part of the practice of handling protected health information (PHI) during their regular duties, healthcare providers must take precautions to safeguard sensitive information. The Department of Health and Human Services (HHS) recommends ten practices that anyone handling PHI needs to implement, the fifth of which is healthcare asset management. What is Healthcare Asset Management? Healthcare asset management, as HIPAA views it, [...]
While the general public may not fully understand what HIPAA does and doesn’t do, you must understand your responsibilities under this federal law and the severe consequences for failing to meet them if you’re a healthcare provider or a business that supports them. Case in point: in August 2022, A Massachusetts dermatology practice agreed to pay more than $300,000 to settle an [...]
In March of 2022, President Biden signed into law the Consolidated Appropriations Act 2022. The Consolidated Appropriations Act 2022 wears many hats. The law reauthorizes the Anti-Violence Against Women Act, increases defense spending, provides aid to Ukraine, and funds the White House internship program, allowing interns to be paid for the first time. One of the less big-ticket - but by no [...]
As technology makes our lives easier, it brings the challenge of remembering all the various usernames and passwords required to access our data. Many of us take advantage of password management applications in our personal lives, but is there a way to bring that convenience into our work life? Does a HIPAA compliant password manager even exist? We will look at what [...]
Most security experts agree that it is no longer a question of if cybercriminals will target your practice, but when. Hacking, phishing attacks, and ransomware can effectively cripple your business and cost you resources and reputation. But the best tool to prevent small practice cybercrime can be as basic as having a truly effective HIPAA compliance strategy. Reasons to Prevent Small Practice [...]
There are many cybersecurity challenges that face healthcare organizations, particularly as they’ve become more of a target for hackers. This is for several reasons such as the value of protected health information, technological risks, and lack of awareness. To provide guidance, top healthcare cybersecurity challenges are discussed. Healthcare Cybersecurity Challenges Hackers target healthcare data for its value The introduction of new technology [...]
You must complete a HIPAA risk assessment each year, and now is the time to do so. Conducting an annual HIPAA risk assessment is an important part of compliance, as well as being integral to protecting your business against breaches. This is because risk assessments reveal vulnerabilities, threats, and risks to protected health information (PHI), thus uncovering deficiencies in your current security practices. [...]
Cyber threats in healthcare are constantly evolving and becoming more complex. A recent report released by Mandiant Intelligence uncovered the very real threat FIN12 ransomware poses to the healthcare sector. According to the report, 20% of FIN12 ransomware attacks target the healthcare sector. Healthcare organizations in North America in particular have cause for concern, with 85% of FIN12 ransomware attacks targeting victims in North America. [...]
Several major health systems have reported an onslaught of phishing, spoofing, and ransomware incidents. While these healthcare cyber attacks use different tactics, they all have the same end goal - to steal sensitive patient information. Phishing Attack Targets UMass Memorial Health UMass Memorial Health recently informed patients that their protected health information (PHI) was potentially compromised in a healthcare cyber attack stemming [...]
